ransomwarefandomcom-20200214-history
Popcorn Time Ransomware
Popcorn Time Ransomware Overview Security experts detected a new malware threat known as the Popcorn Time ransomware. At the time of its discovery it was still in development. Upon infection the virus not only encrypts target data and extorts the victim but also prohibits ordinary computer use by installing a screenlocker. Popcorn Time Ransomware Note There are several samples and each of them has a slightly different ransomware note. First example: Warning Message!! We are sorry to say that your computer and your files have been encrypted, but wait, don’t worry. There is a way that you can restore your computer and all of your files 06 Days 23:59:09 Hours When countdown ends your files will be lost forever You must send at least BAMOUNT Bitcoin to our wallet and you will get your files back Your personal unique ID: UID Send BAMOUNT BTC to this address: WADDRESSS After you’ve made the payment, you will get a code, please insert it here: ……………… Decrypt Second example: Restoring your files – The fast and easy way To get your files fast, please transfer 1.0 Bitcoin to our wallet address 1LeiPgvh6S9VEXWV2dZTytSRd7e9B1bWt3. When we will get the money, we will immediately give you your private decryption key. Payment should be confirmed in about 2 hours after payment made. What we did? We had encrypted all of your important images, documents, videos and all other files on your computer. We used a very strong encryption algorithm that used by all governments all over the world (Encryption – Wikipedia). We store your personal decryption code to your files on our servers and we are the only ones that can decrypt your files. Please don’t try to be smart, anything other than payment will cause damage to your files and the files will be lost forever!!! If you will not pay for the next 7 days, the decryption key will be deleted and your files will be lost forever. Restoring your files – The nasty way Send the link below to other people, if two or more people will install this file and pay, we will decrypt your files for free. https://3hnuhydu4pd247qb.onion.to/r/0e72bfe849c71dec4a867fe60c78ffa5 Why we do that? We are a group of computer science students from Syria, as you probably know Syria is having bad time for the last 5 years. Since 2011 we have more the half million people died and over 5 million refugees. Each part of our team has lost a dear member from his family. I personally have lost both my parents and my little sister in 2015. The sad part of this war is that all the parts keep fighting but eventually we the poor and simple people suffer and watching our family and friends die each day. The world remained silent and no one helping us so we decided to take an action. (Syria War in Wikipedia) Be perfectly sure that all the money that we get goes to food, medicine, shelter to our people. We are extremely sorry that we forcing you to pay but that’s the only way that we can keep living. Popcorn Time Ransomware Distribution The Popcorn Time ransomware samples were not collected from live attacks and according to the initial security analysis the virus was still under development at the time of discovery. However we presume that infection sources include the typical spam email campaigns, exploit kit attacks, browser hijackers and etc. Popcorn Time Ransomware Removal In-depth removal instructions and detailed technical information about the virus can be found on Best Security Search.